From d910a69e1c45781076623c998e08a0d2e613685f Mon Sep 17 00:00:00 2001 From: pulak-opti Date: Mon, 7 Oct 2024 22:27:56 +0600 Subject: [PATCH 1/4] add support for base64 char for SDK Key & access token --- config.yaml | 2 +- config/config.go | 2 +- config/config_test.go | 2 +- pkg/optimizely/cache_test.go | 5 +++++ 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/config.yaml b/config.yaml index 2b237d7b..d3e8cc8e 100644 --- a/config.yaml +++ b/config.yaml @@ -177,7 +177,7 @@ client: ## Validation Regex on the request SDK Key ## By default Agent assumes only alphanumeric characters as part of the SDK Key string. ## https://github.com/google/re2/wiki/Syntax - sdkKeyRegex: "^[\\w=]+(:[\\w=]+)?$" + sdkKeyRegex: "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$" ## configure optional User profile service userProfileService: default: "" diff --git a/config/config.go b/config/config.go index 9e0eb059..9c367255 100644 --- a/config/config.go +++ b/config/config.go @@ -82,7 +82,7 @@ func NewDefaultConfig() *AgentConfig { DatafileURLTemplate: "https://cdn.optimizely.com/datafiles/%s.json", EventURL: "https://logx.optimizely.com/v1/events", // https://github.com/google/re2/wiki/Syntax - SdkKeyRegex: "^[\\w=]+(:[\\w=]+)?$", + SdkKeyRegex: "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$", UserProfileService: UserProfileServiceConfigs{ "default": "", "services": map[string]interface{}{}, diff --git a/config/config_test.go b/config/config_test.go index 4001828c..34729b30 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -82,7 +82,7 @@ func TestDefaultConfig(t *testing.T) { assert.Equal(t, 30*time.Second, conf.Client.FlushInterval) assert.Equal(t, "https://cdn.optimizely.com/datafiles/%s.json", conf.Client.DatafileURLTemplate) assert.Equal(t, "https://logx.optimizely.com/v1/events", conf.Client.EventURL) - assert.Equal(t, "^[\\w=]+(:[\\w=]+)?$", conf.Client.SdkKeyRegex) + assert.Equal(t, "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$", conf.Client.SdkKeyRegex) assert.Equal(t, "", conf.Client.UserProfileService["default"]) assert.Equal(t, false, conf.Client.ODP.Disable) assert.Equal(t, 1*time.Second, conf.Client.ODP.EventsFlushInterval) diff --git a/pkg/optimizely/cache_test.go b/pkg/optimizely/cache_test.go index 222b7d06..ec2b8ddb 100644 --- a/pkg/optimizely/cache_test.go +++ b/pkg/optimizely/cache_test.go @@ -781,6 +781,11 @@ func (s *DefaultLoaderTestSuite) TestDefaultRegexValidator() { {"abc:def:hij", false}, {"abc:", false}, {"123sdkKey:accesTokenWith=", true}, + {"abc+123", true}, + {"abc-123", false}, + {"abc/123", true}, + {"abc:def=", true}, + {"abc:acd+def/=", true}, } conf := config.NewDefaultConfig() From 5528e308f7405f52161212005581d34ae6f00982 Mon Sep 17 00:00:00 2001 From: pulak-opti Date: Mon, 7 Oct 2024 22:51:50 +0600 Subject: [PATCH 2/4] fix test --- pkg/optimizely/cache_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/optimizely/cache_test.go b/pkg/optimizely/cache_test.go index ec2b8ddb..63558784 100644 --- a/pkg/optimizely/cache_test.go +++ b/pkg/optimizely/cache_test.go @@ -772,7 +772,7 @@ func (s *DefaultLoaderTestSuite) TestDefaultRegexValidator() { input string expected bool }{ - {"1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_", true}, + {"1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", true}, {"12sdkKey:datafileAccessToken89", true}, {"!@#$%^&*()", false}, {"abc123!", false}, From f87ed420bb77020c0bfc3d3cd2a6e645703cbe44 Mon Sep 17 00:00:00 2001 From: pulak-opti Date: Tue, 8 Oct 2024 01:00:51 +0600 Subject: [PATCH 3/4] fix test --- tests/acceptance/test_acceptance/conftest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/acceptance/test_acceptance/conftest.py b/tests/acceptance/test_acceptance/conftest.py index 75fe4257..82458766 100644 --- a/tests/acceptance/test_acceptance/conftest.py +++ b/tests/acceptance/test_acceptance/conftest.py @@ -43,7 +43,7 @@ def session_override_sdk_key(session_obj): :param session_obj: session fixture object :return: updated session object """ - session_obj.headers['X-Optimizely-SDK-Key'] = 'xxx_invalid_sdk_key_xxx' + session_obj.headers['X-Optimizely-SDK-Key'] = 'invalidsdkkey' return session_obj From 89f604ee6e01f2976d6160873607248969719c67 Mon Sep 17 00:00:00 2001 From: pulak-opti Date: Tue, 8 Oct 2024 01:18:09 +0600 Subject: [PATCH 4/4] update regex --- config.yaml | 2 +- config/config.go | 2 +- config/config_test.go | 2 +- pkg/optimizely/cache_test.go | 2 +- tests/acceptance/test_acceptance/conftest.py | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/config.yaml b/config.yaml index d3e8cc8e..d3145d3b 100644 --- a/config.yaml +++ b/config.yaml @@ -177,7 +177,7 @@ client: ## Validation Regex on the request SDK Key ## By default Agent assumes only alphanumeric characters as part of the SDK Key string. ## https://github.com/google/re2/wiki/Syntax - sdkKeyRegex: "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$" + sdkKeyRegex: "^[a-zA-Z0-9+/=_]+(:[a-zA-Z0-9+/=_]+)?$" ## configure optional User profile service userProfileService: default: "" diff --git a/config/config.go b/config/config.go index 9c367255..9e652910 100644 --- a/config/config.go +++ b/config/config.go @@ -82,7 +82,7 @@ func NewDefaultConfig() *AgentConfig { DatafileURLTemplate: "https://cdn.optimizely.com/datafiles/%s.json", EventURL: "https://logx.optimizely.com/v1/events", // https://github.com/google/re2/wiki/Syntax - SdkKeyRegex: "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$", + SdkKeyRegex: "^[a-zA-Z0-9+/=_]+(:[a-zA-Z0-9+/=_]+)?$", UserProfileService: UserProfileServiceConfigs{ "default": "", "services": map[string]interface{}{}, diff --git a/config/config_test.go b/config/config_test.go index 34729b30..917cd498 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -82,7 +82,7 @@ func TestDefaultConfig(t *testing.T) { assert.Equal(t, 30*time.Second, conf.Client.FlushInterval) assert.Equal(t, "https://cdn.optimizely.com/datafiles/%s.json", conf.Client.DatafileURLTemplate) assert.Equal(t, "https://logx.optimizely.com/v1/events", conf.Client.EventURL) - assert.Equal(t, "^[a-zA-Z0-9+/=]+(:[a-zA-Z0-9+/=]+)?$", conf.Client.SdkKeyRegex) + assert.Equal(t, "^[a-zA-Z0-9+/=_]+(:[a-zA-Z0-9+/=_]+)?$", conf.Client.SdkKeyRegex) assert.Equal(t, "", conf.Client.UserProfileService["default"]) assert.Equal(t, false, conf.Client.ODP.Disable) assert.Equal(t, 1*time.Second, conf.Client.ODP.EventsFlushInterval) diff --git a/pkg/optimizely/cache_test.go b/pkg/optimizely/cache_test.go index 63558784..ec2b8ddb 100644 --- a/pkg/optimizely/cache_test.go +++ b/pkg/optimizely/cache_test.go @@ -772,7 +772,7 @@ func (s *DefaultLoaderTestSuite) TestDefaultRegexValidator() { input string expected bool }{ - {"1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", true}, + {"1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_", true}, {"12sdkKey:datafileAccessToken89", true}, {"!@#$%^&*()", false}, {"abc123!", false}, diff --git a/tests/acceptance/test_acceptance/conftest.py b/tests/acceptance/test_acceptance/conftest.py index 82458766..75fe4257 100644 --- a/tests/acceptance/test_acceptance/conftest.py +++ b/tests/acceptance/test_acceptance/conftest.py @@ -43,7 +43,7 @@ def session_override_sdk_key(session_obj): :param session_obj: session fixture object :return: updated session object """ - session_obj.headers['X-Optimizely-SDK-Key'] = 'invalidsdkkey' + session_obj.headers['X-Optimizely-SDK-Key'] = 'xxx_invalid_sdk_key_xxx' return session_obj